Threat Modeling Templates


This Working Session aims to create five threat modelling templates, that may include some of the following:

  • Traditional web applications
  • Web services
  • Mobile client applications
  • IoT Devices
  • JS based Frameworks
  • Intra & Inter Cloud VPC Components

These may also expand to include combinations of client-side applications to expose server-side applications (e.g. - mobile-web API, IoT-to web API, etc.).

The Threat Modelling will begin with a suite of deliverables to help threat modelling practitioners consider a broad range of possible application components for each type of template. Each component may be related to an associated actor, associated trust boundaries within and beyond the application domain, data flows, associated protocols, 3rd party dependencies, etc. For each template that they download, leverage, and use as part of their threat modelling project, the intent is get practitioners to understand the following:

  • Implicit/Explicit Trust boundaries within the attack surface and at the edge of the surface boundary
  • Relevant system or application level actors and associated privileges making calls to other app components
  • Possible inherent attack surface of a templated application
  • Inherent threats to consider for different deployment models (architecture)
  • Proposed countermeasures to consider for each application threat modelling template.
  • Associated protocols associated with various templates
  • Possible attack vectors that could realise threat motives from a threat agent/actor

Why

Threat modelling needs greater adoption into current SDLC methodologies. Many development groups strive to apply threat modelling efforts under tight development windows. The threat modelling templates should allow a formal project to maintain the content and update the templated threat models for each template to stay relevant to various threats. The challenge addressed by the Working Session is that teams need starting points which they can apply to their own applications. The templates are intended to give users a basic understanding of threats that should be considered and mitigated at the design stage.

What

  • DFD for each template type
  • Attack tree template
  • Threat library for each template developed
  • Design mitigations or programmatic countermeasures recommended for associated threat library for each template
  • Weakness library management and integration

Outcomes

  • 5 threat modelling templates created

Who

The target audience for this Working Session is:

  • Application Architects (for DFD creation, templating)
  • Web developers of varying language backgrounds (.NET, Java, PHP, .js, etc.)
  • DBAs/ DB Developers
  • Security professionals with application architecture and software development experience

Working materials

Here are the current ‘work in progress’ materials for this session

(please add as much information as possible before the sessions)

Content

…add content…

Related Working Session(s)

  • Threat Modeling Cheat Sheets


Back to list of all Working Sessions and Tracks

Edit this page here